C
Cambio Del Arte
Hi All,
I am attemtping to set up a (seemingly simple) non-
transitive (external), one-way trust relationship between
2 W2K domains (domA.com is trusted by domB.com) running
in Native W2K mode (NetBIOS is also disabled on
Adapters). However, the trust verification is failing
with the error:
"The secure channel query on domain controller
\\dc1.domA.com of domain dom1.com to domain domB.com
failed with error: The specified domain either does not
exist or could not be contacted"
I cannot account for this error as all tests indicate
that the required connectivity is in place.
Each domain has its own dedicated DNS infrastructure,
however I have manually created respective "primary"
zones and imported the zone files from the corresponding
domains such that all necessary resource and host records
can be queried in each domain/DNS. This is confirmed with
the following succesful tests:
-------------------
nslookup
Address: 10.10.10.10
domB.com
primary name server = dc1.domB.com
responsible mail addr = administrator.dom2.com
serial = 137
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
-----------------
NLTEST /DSGETDC:domB.com
DC: \\dc1.domB.com
Address: \\11.11.11.11
Dom Guid: r342dw3c-1657-4b8f-8626-ba27509d8d5e
Dom Name: domB.com
Forest Name: domB.com
Dc Site Name: Default-First-Site-Name
Our Site Name: Default-First-Site-Name
Flags: PDC GC DS LDAP KDC TIMESERV WRITABLE
DNS_DC DNS_DOMAIN DNS_FOREST CLOSE_SITE
The command completed successfully
---------------------
I am also able to connect to the file share (with
authentication) \\dc1.domB.com\sysvol
--------------------
I can succesfully query the ldap service on domB using
the ldp.exe tool.
---------------------
These domain are seperated by a firewall, but all
required packets are being passed (DS, LDAP, Kerberos,
etc),no packets are beinf dropped.
Any suggestions?
- Cambio
I am attemtping to set up a (seemingly simple) non-
transitive (external), one-way trust relationship between
2 W2K domains (domA.com is trusted by domB.com) running
in Native W2K mode (NetBIOS is also disabled on
Adapters). However, the trust verification is failing
with the error:
"The secure channel query on domain controller
\\dc1.domA.com of domain dom1.com to domain domB.com
failed with error: The specified domain either does not
exist or could not be contacted"
I cannot account for this error as all tests indicate
that the required connectivity is in place.
Each domain has its own dedicated DNS infrastructure,
however I have manually created respective "primary"
zones and imported the zone files from the corresponding
domains such that all necessary resource and host records
can be queried in each domain/DNS. This is confirmed with
the following succesful tests:
-------------------
nslookup
Server: dc1.domA.com.com
Address: 10.10.10.10
domB.com
primary name server = dc1.domB.com
responsible mail addr = administrator.dom2.com
serial = 137
refresh = 900 (15 mins)
retry = 600 (10 mins)
expire = 86400 (1 day)
default TTL = 3600 (1 hour)
-----------------
NLTEST /DSGETDC:domB.com
DC: \\dc1.domB.com
Address: \\11.11.11.11
Dom Guid: r342dw3c-1657-4b8f-8626-ba27509d8d5e
Dom Name: domB.com
Forest Name: domB.com
Dc Site Name: Default-First-Site-Name
Our Site Name: Default-First-Site-Name
Flags: PDC GC DS LDAP KDC TIMESERV WRITABLE
DNS_DC DNS_DOMAIN DNS_FOREST CLOSE_SITE
The command completed successfully
---------------------
I am also able to connect to the file share (with
authentication) \\dc1.domB.com\sysvol
--------------------
I can succesfully query the ldap service on domB using
the ldp.exe tool.
---------------------
These domain are seperated by a firewall, but all
required packets are being passed (DS, LDAP, Kerberos,
etc),no packets are beinf dropped.
Any suggestions?
- Cambio